top of page

Responsible Disclosure Policy

HoldMyTicket is providing this service to help ensure a safe and secure environment for all users.

If external parties find any sensitive information, potential vulnerabilities, or weaknesses, please help by responsibly disclosing it to ResponsibleDisclosure@fullsteam.com.

This policy applies to HoldMyTicket hosted applications and to any other subdomains or services associated with products. HoldMyTicket does not accept reports for vulnerabilities which solely affect marketing websites (https://sell.holdmyticket.com), containing no sensitive data.

Security researchers must not:

  • Engage in physical testing of facilities or resources

  • Engage in social engineering

  • Send unsolicited electronic mail to HoldMyTicket users, including “phishing” messages,

  • Execute or attempt to execute “Denial of Service” or “Resource Exhaustion” attacks,

  • Introduce malicious software

  • Execute automated scans or tools that could disrupt services, such as password guessing attacks, or be perceived as an attack by intrusion detection/prevention systems

  • Test in a manner which could degrade the operation of HoldMyTicket systems; or intentionally impair, disrupt, or disable HoldMyTicket systems

  • Test third-party applications, websites, or services that integrate with or link to or from HoldMyTicket systems

  • Delete, alter, share, retain, or destroy HoldMyTicket data, or render HoldMyTicket data inaccessible, or, use an exploit to exfiltrate data, establish command line access, establish a persistent presence on HoldMyTicket systems, or “pivot” to other HoldMyTicket systems.

Security researchers may:

  • View or store HoldMyTicket nonpublic data only to the extent necessary to document the presence of a potential vulnerability.

Security researchers must:

  • Cease testing and notify us immediately upon discovery of a vulnerability,

  • Cease testing and notify us immediately upon discovery of an exposure of nonpublic data, and,

  • Purge any stored HoldMyTicket nonpublic data upon reporting a vulnerability.

Thank you for helping to keep HoldMyTicket and our users safe!

About Us Header.png

Sell tickets to an event today.

Speak to our team for a tailored solution.  

bottom of page